this is my template block. It returns to me my bitbuckt username and password that are stored in the vault. This is working, the data is successfully written to the file.env file inside secrets
But when I try to pass the environment variables created in my artifact it returns an error. This is my artifact block:
So the problem is that environment variables are not available at the time artifact (and other variables) are interpolated. Environment variables are only set inside the task, while artifact are retrieved by the client agent.
What you could do is maybe use a prestart task to manually clone the repo into the alloc dir? If you have git installed you can use the exec driver directly, or a lightweight Docker image that has the git command.
Here’s an example:
job "private-git-clone" {
datacenters = ["dc1"]
group "repo" {
task "clone" {
driver = "exec"
lifecycle {
hook = "prestart"
}
config {
command = "git"
args = ["clone", "https://${USER}:${SENHA}@bitbucket.org/${USER}/nomad.git", "${NOMAD_ALLOC_DIR}/repo"]
}
template {
data = <<EOF
USER="{{ ... }}"
SENHA="{{ ... }}"
EOF
destination = "${NOMAD_SECREST_DIR}/env"
env = true
}
}
task "repo" {
driver = "docker"
config {
image = "ubuntu:20.04"
command = "/bin/bash"
args = ["local/script.sh"]
# Mount a path in the allocation directory into the Docker container.
mount {
type = "bind"
source = "..${NOMAD_ALLOC_DIR}/repo"
target = "/repo"
}
}
template {
data = <<EOF
cat /repo/README.md
while true
do
sleep 10
done
EOF
destination = "local/script.sh"
}
}
}
}
See if this works for you, and let us know how it goes
Hi! Thank you so much for the quick feedback! This worked perfectly. It answered exactly what I wanted.
I just wanted to know, I didn’t understand this part of the script very well, could you explain to me what its functionality is? I even ran the job with it and then without this snippet and they worked correctly. What is this script below in the task for?
Ah sorry, I was actually supposed to remove that before posting, but forgot about it
That’s just a quick script that I used to test if the git clone command worked. It prints the README.md file to the output log then sleeps forever in an infinite loop. This loop is used to keep the allocation running and prevent Nomad from restarting the task.