Update nomad policies to match https://developer.hashicorp.com/nomad/…

…docs/integrations/consul/acl#nomad-agents
hashicorp · Oct 23, 2024 · c1bd646 · c1bd646
1 parent 2618fc1
commit c1bd646
Show file tree

Hide file tree

Showing 6 changed files with 12 additions and 8 deletions.
diff --git a/agent/structs/acltemplatedpolicy/policies/ce/nomad-client.hcl b/agent/structs/acltemplatedpolicy/policies/ce/nomad-client.hcl
@@ -2,7 +2,7 @@ agent_prefix "" {
   policy = "read"
 }
 node_prefix "" {
-  policy = "read"
+  policy = "write"
 }
 service_prefix "" {
   policy = "write"

diff --git a/agent/structs/acltemplatedpolicy/policies/ce/nomad-server.hcl b/agent/structs/acltemplatedpolicy/policies/ce/nomad-server.hcl
@@ -1,10 +1,12 @@
 
-acl = "write"
+acl  = "write"
+mesh = "write"
+
 agent_prefix "" {
   policy = "read"
 }
 node_prefix "" {
-  policy = "read"
+  policy = "write"
 }
 service_prefix "" {
   policy = "write"

diff --git a/...mplatedpolicy/testdata/FormatTemplatedPolicy/ce/nomad-client-templated-policy.json.golden b/...mplatedpolicy/testdata/FormatTemplatedPolicy/ce/nomad-client-templated-policy.json.golden
@@ -1,6 +1,6 @@
 {
     "TemplateName": "builtin/nomad-client",
     "Schema": "",
-    "Template": "agent_prefix \"\" {\n  policy = \"read\"\n}\nnode_prefix \"\" {\n  policy = \"read\"\n}\nservice_prefix \"\" {\n  policy = \"write\"\n}\nkey_prefix \"\" {\n  policy = \"read\"\n}",
+    "Template": "agent_prefix \"\" {\n  policy = \"read\"\n}\nnode_prefix \"\" {\n  policy = \"write\"\n}\nservice_prefix \"\" {\n  policy = \"write\"\n}\nkey_prefix \"\" {\n  policy = \"read\"\n}",
     "Description": "Gives the token or role permissions required for integration with a nomad client."
 }
diff --git a/...policy/testdata/FormatTemplatedPolicy/ce/nomad-client-templated-policy.pretty-meta.golden b/...policy/testdata/FormatTemplatedPolicy/ce/nomad-client-templated-policy.pretty-meta.golden
@@ -8,7 +8,7 @@ agent_prefix "" {
   policy = "read"
 }
 node_prefix "" {
-  policy = "read"
+  policy = "write"
 }
 service_prefix "" {
   policy = "write"

diff --git a/...mplatedpolicy/testdata/FormatTemplatedPolicy/ce/nomad-server-templated-policy.json.golden b/...mplatedpolicy/testdata/FormatTemplatedPolicy/ce/nomad-server-templated-policy.json.golden
@@ -1,6 +1,6 @@
 {
     "TemplateName": "builtin/nomad-server",
     "Schema": "",
-    "Template": "\nacl = \"write\"\nagent_prefix \"\" {\n  policy = \"read\"\n}\nnode_prefix \"\" {\n  policy = \"read\"\n}\nservice_prefix \"\" {\n  policy = \"write\"\n}",
+    "Template": "\nacl  = \"write\"\nmesh = \"write\"\n\nagent_prefix \"\" {\n  policy = \"read\"\n}\nnode_prefix \"\" {\n  policy = \"write\"\n}\nservice_prefix \"\" {\n  policy = \"write\"\n}",
     "Description": "Gives the token or role permissions required for integration with a nomad server."
 }
diff --git a/...policy/testdata/FormatTemplatedPolicy/ce/nomad-server-templated-policy.pretty-meta.golden b/...policy/testdata/FormatTemplatedPolicy/ce/nomad-server-templated-policy.pretty-meta.golden
@@ -5,12 +5,14 @@ Example usage:
 	consul acl token create -templated-policy builtin/nomad-server
 Raw Template:
 
-acl = "write"
+acl  = "write"
+mesh = "write"
+
 agent_prefix "" {
   policy = "read"
 }
 node_prefix "" {
-  policy = "read"
+  policy = "write"
 }
 service_prefix "" {
   policy = "write"