diff --git a/agent/structs/acltemplatedpolicy/policies/ce/nomad-client.hcl b/agent/structs/acltemplatedpolicy/policies/ce/nomad-client.hcl index 4ea9f1e6df51..6ea8804909e1 100644 --- a/agent/structs/acltemplatedpolicy/policies/ce/nomad-client.hcl +++ b/agent/structs/acltemplatedpolicy/policies/ce/nomad-client.hcl @@ -1,12 +1,12 @@ -agent_prefix "" { +agent "{{.Name}}" { policy = "read" } -node_prefix "" { - policy = "read" +node "{{.Name}}" { + policy = "write" } service_prefix "" { policy = "write" } key_prefix "" { policy = "read" -} \ No newline at end of file +} diff --git a/agent/structs/acltemplatedpolicy/policies/ce/nomad-server.hcl b/agent/structs/acltemplatedpolicy/policies/ce/nomad-server.hcl index 7030ff771a19..4eeaa39ae5a3 100644 --- a/agent/structs/acltemplatedpolicy/policies/ce/nomad-server.hcl +++ b/agent/structs/acltemplatedpolicy/policies/ce/nomad-server.hcl @@ -1,11 +1,12 @@ +acl = "write" +mesh = "write" -acl = "write" -agent_prefix "" { +agent "{{.Name}}" { policy = "read" } -node_prefix "" { - policy = "read" +node "{{.Name}}" { + policy = "write" } service_prefix "" { policy = "write" -} \ No newline at end of file +} diff --git a/command/acl/templatedpolicy/formatter.go b/command/acl/templatedpolicy/formatter.go index e71b52a37550..32263d9c92cd 100644 --- a/command/acl/templatedpolicy/formatter.go +++ b/command/acl/templatedpolicy/formatter.go @@ -71,11 +71,11 @@ func (f *prettyFormatter) FormatTemplatedPolicy(templatedPolicy api.ACLTemplated switch templatedPolicy.TemplateName { case api.ACLTemplatedPolicyServiceName: nameRequiredVariableOutput(&buffer, templatedPolicy.TemplateName, "The name of the service", "api") - case api.ACLTemplatedPolicyNodeName: + case api.ACLTemplatedPolicyNodeName, api.ACLTemplatedPolicyNomadServerName, api.ACLTemplatedPolicyNomadClientName: nameRequiredVariableOutput(&buffer, templatedPolicy.TemplateName, "The node name", "node-1") case api.ACLTemplatedPolicyAPIGatewayName: nameRequiredVariableOutput(&buffer, templatedPolicy.TemplateName, "The api gateway service name", "api-gateway") - case api.ACLTemplatedPolicyDNSName, api.ACLTemplatedPolicyNomadServerName, api.ACLTemplatedPolicyNomadClientName: + case api.ACLTemplatedPolicyDNSName: noRequiredVariablesOutput(&buffer, templatedPolicy.TemplateName) default: buffer.WriteString(" None\n") diff --git a/command/acl/templatedpolicy/testdata/FormatTemplatedPolicy/ce/nomad-client-templated-policy.json.golden b/command/acl/templatedpolicy/testdata/FormatTemplatedPolicy/ce/nomad-client-templated-policy.json.golden index 00d361fac806..61d2d762ae5d 100644 --- a/command/acl/templatedpolicy/testdata/FormatTemplatedPolicy/ce/nomad-client-templated-policy.json.golden +++ b/command/acl/templatedpolicy/testdata/FormatTemplatedPolicy/ce/nomad-client-templated-policy.json.golden @@ -1,6 +1,6 @@ { "TemplateName": "builtin/nomad-client", "Schema": "", - "Template": "agent_prefix \"\" {\n policy = \"read\"\n}\nnode_prefix \"\" {\n policy = \"read\"\n}\nservice_prefix \"\" {\n policy = \"write\"\n}\nkey_prefix \"\" {\n policy = \"read\"\n}", + "Template": "agent \"{{.Name}}\" {\n policy = \"read\"\n}\nnode \"{{.Name}}\" {\n policy = \"write\"\n}\nservice_prefix \"\" {\n policy = \"write\"\n}\nkey_prefix \"\" {\n policy = \"read\"\n}\n", "Description": "Gives the token or role permissions required for integration with a nomad client." } \ No newline at end of file diff --git a/command/acl/templatedpolicy/testdata/FormatTemplatedPolicy/ce/nomad-client-templated-policy.pretty-meta.golden b/command/acl/templatedpolicy/testdata/FormatTemplatedPolicy/ce/nomad-client-templated-policy.pretty-meta.golden index bb8053bcc229..59360c8527dd 100644 --- a/command/acl/templatedpolicy/testdata/FormatTemplatedPolicy/ce/nomad-client-templated-policy.pretty-meta.golden +++ b/command/acl/templatedpolicy/testdata/FormatTemplatedPolicy/ce/nomad-client-templated-policy.pretty-meta.golden @@ -1,14 +1,15 @@ Name: builtin/nomad-client Description: Gives the token or role permissions required for integration with a nomad client. -Input variables: None +Input variables: + Name: String - Required - The node name. Example usage: - consul acl token create -templated-policy builtin/nomad-client + consul acl token create -templated-policy builtin/nomad-client -var name:node-1 Raw Template: -agent_prefix "" { +agent "{{.Name}}" { policy = "read" } -node_prefix "" { - policy = "read" +node "{{.Name}}" { + policy = "write" } service_prefix "" { policy = "write" @@ -16,3 +17,4 @@ service_prefix "" { key_prefix "" { policy = "read" } + diff --git a/command/acl/templatedpolicy/testdata/FormatTemplatedPolicy/ce/nomad-client-templated-policy.pretty.golden b/command/acl/templatedpolicy/testdata/FormatTemplatedPolicy/ce/nomad-client-templated-policy.pretty.golden index 6dd152d4985c..8125eaaa423f 100644 --- a/command/acl/templatedpolicy/testdata/FormatTemplatedPolicy/ce/nomad-client-templated-policy.pretty.golden +++ b/command/acl/templatedpolicy/testdata/FormatTemplatedPolicy/ce/nomad-client-templated-policy.pretty.golden @@ -1,5 +1,6 @@ Name: builtin/nomad-client Description: Gives the token or role permissions required for integration with a nomad client. -Input variables: None +Input variables: + Name: String - Required - The node name. Example usage: - consul acl token create -templated-policy builtin/nomad-client + consul acl token create -templated-policy builtin/nomad-client -var name:node-1 diff --git a/command/acl/templatedpolicy/testdata/FormatTemplatedPolicy/ce/nomad-server-templated-policy.json.golden b/command/acl/templatedpolicy/testdata/FormatTemplatedPolicy/ce/nomad-server-templated-policy.json.golden index 871b26dac349..400edcc8f596 100644 --- a/command/acl/templatedpolicy/testdata/FormatTemplatedPolicy/ce/nomad-server-templated-policy.json.golden +++ b/command/acl/templatedpolicy/testdata/FormatTemplatedPolicy/ce/nomad-server-templated-policy.json.golden @@ -1,6 +1,6 @@ { "TemplateName": "builtin/nomad-server", "Schema": "", - "Template": "\nacl = \"write\"\nagent_prefix \"\" {\n policy = \"read\"\n}\nnode_prefix \"\" {\n policy = \"read\"\n}\nservice_prefix \"\" {\n policy = \"write\"\n}", + "Template": "acl = \"write\"\nmesh = \"write\"\n\nagent \"{{.Name}}\" {\n policy = \"read\"\n}\nnode \"{{.Name}}\" {\n policy = \"write\"\n}\nservice_prefix \"\" {\n policy = \"write\"\n}\n", "Description": "Gives the token or role permissions required for integration with a nomad server." } \ No newline at end of file diff --git a/command/acl/templatedpolicy/testdata/FormatTemplatedPolicy/ce/nomad-server-templated-policy.pretty-meta.golden b/command/acl/templatedpolicy/testdata/FormatTemplatedPolicy/ce/nomad-server-templated-policy.pretty-meta.golden index 60c196115180..290bf6ee4cc3 100644 --- a/command/acl/templatedpolicy/testdata/FormatTemplatedPolicy/ce/nomad-server-templated-policy.pretty-meta.golden +++ b/command/acl/templatedpolicy/testdata/FormatTemplatedPolicy/ce/nomad-server-templated-policy.pretty-meta.golden @@ -1,17 +1,20 @@ Name: builtin/nomad-server Description: Gives the token or role permissions required for integration with a nomad server. -Input variables: None +Input variables: + Name: String - Required - The node name. Example usage: - consul acl token create -templated-policy builtin/nomad-server + consul acl token create -templated-policy builtin/nomad-server -var name:node-1 Raw Template: +acl = "write" +mesh = "write" -acl = "write" -agent_prefix "" { +agent "{{.Name}}" { policy = "read" } -node_prefix "" { - policy = "read" +node "{{.Name}}" { + policy = "write" } service_prefix "" { policy = "write" } + diff --git a/command/acl/templatedpolicy/testdata/FormatTemplatedPolicy/ce/nomad-server-templated-policy.pretty.golden b/command/acl/templatedpolicy/testdata/FormatTemplatedPolicy/ce/nomad-server-templated-policy.pretty.golden index e65d016320a6..45f8e11dd875 100644 --- a/command/acl/templatedpolicy/testdata/FormatTemplatedPolicy/ce/nomad-server-templated-policy.pretty.golden +++ b/command/acl/templatedpolicy/testdata/FormatTemplatedPolicy/ce/nomad-server-templated-policy.pretty.golden @@ -1,5 +1,6 @@ Name: builtin/nomad-server Description: Gives the token or role permissions required for integration with a nomad server. -Input variables: None +Input variables: + Name: String - Required - The node name. Example usage: - consul acl token create -templated-policy builtin/nomad-server + consul acl token create -templated-policy builtin/nomad-server -var name:node-1