I am running a service with nomad that has its only viable healthcheck endpoint requiring authorization. You can pass in the token via URL parameter or HTTP header. Configuring either one works in the nomad config, but I’d like to have that key be retrieved from consul/vault (I don’t have vault setup on my dev environment atm).
I believe the only opportunity you have for templating in Vault data is inside of template blocks. Personally I switched over to a workflow that involves levant and I don’t regret it. It’s made some other problems much easier to solve.
That’s what I was thinking, yeah. I was migrating away from an over-complicated levant setup, but it seems I might have to introduce it back in some parts. The other downside is I don’t get the nice integration between nomad and consul that automatically restarts your jobs. Ah well
Am I misunderstanding this? I want to retrieve auth token used the the service check header/path from consul-kv/vault, rather than having it hard-coded in the nomad .hcl file. I can template it with levant, which works w/ retrieving the key from consul but you don’t gain the functionality in nomad where changes in the consul-KV store update the corresponding nomad job (you have to rerun the levant template manually).