Nomad TLS error in CI pipeline
In the process of migrating our HashiCorp Nomad workload to our new Nomad cluster, I also tried to simplify our CI pipelines and ran into an issue with Nomad.
Nomad version 1.5 comes with Single sign-on (SSO) and OIDC support. As we shifted to an Office 365 environment some time ago, we have been using Entra ID (previously known as Azure Active Directory) as our primary SSO solution whenever possible.
One of my recent tasks was to run an upgrade of a production PostgreSQL database. Since we have PostgreSQL running in a Docker container in our HashiCorp Nomad environment, I assumed it would be enough to switch to a new Docker image and everything would be working fine.
Recently, we've been running into a weird problem. After restarting 2 nodes in our Nomad cluster, we could not properly access GitLab via SSH anymore. Web access was working fine, and cloning via https:// also worked, but not via SSH, which is what most of our developers use by default.
Earlier this year we decided to test Renovate to manage automated dependency updates in our self-hosted GitLab environment. Being able to run Renovate in our own environment and configure it to our needs made a lot of sense. Since we run our internal tooling on a Nomad cluster, we had to configure a Nomad job for Renovate.