Hello,
I’m trying to create docker containers with nomad docker driver. This docker container needs vault secrets to execute my task. How do i pass these vault secrets to docker container during container spin-up.
Vault secrets are defined in the template.data stanza (heredoc) in the below nomad job spec. But how do i pass the same variables as docker run arguments $HOSTNAME, $USERNAME?
group "execute" {
task "executor" {
driver = "docker"
config {
image = "repos.images.com/apple_image:0.1"
args = [
$HOSTNAME,
$USERNAME
]
template {
data = <<EOF
{{ with secret "secret/mysecrets/apple_secrets" }}
USERNAME = "{{ .Data.username }}"
HOSTNAM = "{{ .Data.hostnam }}"
{{ end }}
EOF
destination = "secrets/vault.env"
env = true
perms = "600"
}
}
}
vault {
policies = ["apple_policy"]
change_mode = "signal"
change_signal = "SIGUSR1"
}
Thanks in advance!