Skip to content

Commit 1eb0b9a

Browse files
jagednjagedn
authored
create a token secured cluster with ACL for validation (#57)
Signed-off-by: Jorge Aguilera <[email protected]>
1 parent 00992b7 commit 1eb0b9a

File tree

3 files changed

+33
-5
lines changed

3 files changed

+33
-5
lines changed

validation/README.md

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -21,6 +21,9 @@ sudo ./start-nomad.sh
2121
Basically this command create a `nomad_temp` folder, run a server and a client, and mount `nomad_temp/scratchdir` as a `local` volume
2222
, so all pipelines can/must use it as working dir
2323

24+
Use `--secure` argument if you want to create a secured cluster. The script will bootstrap an ACL and a NOMAD_TOKEN
25+
will be generated (see the output of the script)
26+
2427
## Run pipelines examples
2528

2629
open another terminal and execute:

validation/start-nomad.sh

Lines changed: 29 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -1,8 +1,11 @@
11
#!/bin/bash
2-
set -uex
2+
set -ue
33

4-
export NOMAD_VERSION="1.8.1"
5-
export NOMAD_PLATFORM="linux_amd64"
4+
NOMAD_VERSION="1.8.1"
5+
NOMAD_PLATFORM="linux_amd64"
6+
7+
SECURE=0
8+
[[ "$@" =~ '--secure' ]] && SECURE=1
69

710
if [ ! -f ./nomad ]; then
811
curl -O "https://releases.hashicorp.com/nomad/${NOMAD_VERSION}/nomad_${NOMAD_VERSION}_${NOMAD_PLATFORM}.zip"
@@ -23,6 +26,14 @@ cat >server-custom.conf <<EOL
2326
data_dir = "${CURRENT_DIR}/server"
2427
EOL
2528

29+
if [ "$SECURE" == 1 ]; then
30+
cat >>server-custom.conf <<EOL
31+
acl {
32+
enabled = true
33+
}
34+
EOL
35+
fi
36+
2637
rm -f client-custom.conf
2738
cat >client-custom.conf <<EOL
2839
data_dir = "${CURRENT_DIR}/client"
@@ -37,4 +48,18 @@ EOL
3748

3849
cp ../server.conf .
3950
cp ../client.conf .
40-
../nomad agent -config server.conf -config client.conf -config server-custom.conf -config client-custom.conf
51+
52+
if [ "$SECURE" == 0 ]; then
53+
# basic nomad cluter
54+
../nomad agent -config server.conf -config client.conf -config server-custom.conf -config client-custom.conf
55+
else
56+
# secured nomad cluster
57+
../nomad agent -config server.conf -config client.conf -config server-custom.conf -config client-custom.conf &
58+
cd ..
59+
./wait-nomad.sh
60+
sleep 3
61+
NOMAD_TOKEN=$(nomad acl bootstrap | awk '/^Secret ID/ {print $4}')
62+
export NOMAD_TOKEN
63+
echo New super token generated.
64+
echo export NOMAD_TOKEN=$NOMAD_TOKEN
65+
fi

validation/wait-nomad.sh

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
#!/bin/bash
22

3-
until curl --output /dev/null --silent --head --fail http://localhost:4646; do
3+
until curl --output /dev/null --silent --fail http://localhost:4646/v1/status/leader; do
44
printf '.'
55
sleep 5
66
done

0 commit comments

Comments
 (0)