From 0d57c9eee5d20f00b8227a237e74ec0add287ba8 Mon Sep 17 00:00:00 2001 From: Henrik Jess Nielsen Date: Wed, 27 May 2026 15:16:00 +0200 Subject: [PATCH] fix: switch to Consul KV template for secrets injection - Consul now running on int node (joined cluster) - provider=consul re-enabled (int has consul.version=1.22.7) - Removed sed placeholder approach + Gitea secrets requirement - Added template{} stanzas reading from consul kv mmd/* keys - Cleaned up deploy.yml (removed sed substitution step) --- .gitea/workflows/deploy.yml | 14 ++-------- mmd.nomad | 55 +++++++++++++++++++++++-------------- 2 files changed, 37 insertions(+), 32 deletions(-) diff --git a/.gitea/workflows/deploy.yml b/.gitea/workflows/deploy.yml index 6dd56f7..1600a6b 100644 --- a/.gitea/workflows/deploy.yml +++ b/.gitea/workflows/deploy.yml @@ -80,23 +80,13 @@ jobs: env: NOMAD_ADDR: "https://nomad.i80.dk:4646" - - name: Substitute secrets into Nomad job - run: | - sed \ - -e "s|__DATABASE_URL__|${{ secrets.DATABASE_URL }}|g" \ - -e "s|__ANTHROPIC_API_KEY__|${{ secrets.ANTHROPIC_API_KEY }}|g" \ - -e "s|__SAXO_APP_KEY__|${{ secrets.SAXO_APP_KEY }}|g" \ - -e "s|__SAXO_APP_SECRET_1__|${{ secrets.SAXO_APP_SECRET_1 }}|g" \ - -e "s|__SAXO_BASE__|${{ secrets.SAXO_BASE }}|g" \ - mmd.nomad > mmd_deploy.nomad - - name: Validate Nomad job - run: nomad job validate mmd_deploy.nomad + run: nomad job validate mmd.nomad env: NOMAD_ADDR: "https://nomad.i80.dk:4646" - name: Deploy to Nomad - run: nomad job run mmd_deploy.nomad + run: nomad job run mmd.nomad env: NOMAD_ADDR: "https://nomad.i80.dk:4646" diff --git a/mmd.nomad b/mmd.nomad index 49c5a0c..ef2fed6 100644 --- a/mmd.nomad +++ b/mmd.nomad @@ -36,7 +36,7 @@ job "moneymaker" { } service { - provider = "nomad" + provider = "consul" name = "moneymaker" port = "http" @@ -78,18 +78,26 @@ job "moneymaker" { mode = "fail" } + template { + data = <