Generate JWT token from v2_key

agrare · Jun 4, 2024 · ca9adce · ca9adce
1 parent 41c4a5c
commit ca9adce
Show file tree

Hide file tree

Showing 3 changed files with 15 additions and 1 deletion.
diff --git a/bin/before_install b/bin/before_install
@@ -4,6 +4,7 @@ if [ -n "$CI" ]; then
   echo "== Installing system packages =="
   sudo apt-get update
   sudo apt-get install -y libcurl4-openssl-dev
+  sudo apt-get install -y libsodium-dev
   echo
 fi
 

diff --git a/lib/terraform/runner.rb b/lib/terraform/runner.rb
@@ -69,7 +69,7 @@ def server_url
       end
 
       def server_token
-        ENV.fetch('TERRAFORM_RUNNER_TOKEN', nil)
+        @server_token ||= ENV.fetch('TERRAFORM_RUNNER_TOKEN', jwt_token)
       end
 
       def stack_job_interval_in_secs
@@ -179,6 +179,17 @@ def encoded_zip_from_directory(template_path)
           Base64.encode64(File.binread(zip_file_path))
         end
       end
+
+      def jwt_token
+        require "jwt"
+
+        payload = {'Username' => 'opentofu-runner'}
+        JWT.encode(payload, v2_key.key, 'HS256')
+      end
+
+      def v2_key
+        ManageIQ::Password.key
+      end
     end
   end
 end
diff --git a/manageiq-providers-embedded_terraform.gemspec b/manageiq-providers-embedded_terraform.gemspec
@@ -18,6 +18,8 @@ Gem::Specification.new do |spec|
   spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
   spec.require_paths = ["lib"]
 
+  spec.add_dependency "jwt", "~>2.2"
+
   spec.add_development_dependency "manageiq-style"
   spec.add_development_dependency "simplecov",  ">= 0.21.2"
 end