[WIP] Enable mTLS in Nomad e2e terraform #5955

Closed

notnoop (Contributor) commented Jul 12, 2019

This adds an option to enable mutual TLS for Nomad e2e testing that I built to reproduce #5920.

This mTLS implementation secures the test cluster. The current e2e terraform files start up a test cluster that's wide open to the world and in plaintext. Instead, this implementation creates a new dedicated root CA for each cluster and requires all participants to use keys signed by it.

To ease interacting with the cluster, the keys and certificates are available in keys, so locally, one needs to set the following variables in the following fashion:

export NOMAD_CACERT=$(pwd)/keys/tls_ca.crt
export NOMAD_CLIENT_CERT=$(pwd)/keys/tls_api_client.crt
export NOMAD_CLIENT_KEY=$(pwd)/keys/tls_api_client.key
export NOMAD_ADDR=https://3.92.112.122:4646

There are a few remaining TODOs:

  • update consul to use certificates
  • update terraform output to only return the relevant environment variables
  • update e2e scripts to use the tls environment variables
  • update terraform/ directory.
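
A preflight check for the files the NOMAD_* variables above point at, as an added example that is not part of this PR: it confirms that the client certificate chains to the cluster's own root CA and that the private key belongs to that certificate. The function names, file names and the 192.0.2.10 address are assumptions, and every certificate is a throwaway one constructed on the fly with the openssl CLI.

```bash
#!/usr/bin/env bash
# Added example (not from the PR). Requires the openssl CLI.
# Real use: check_nomad_tls "$NOMAD_CACERT" "$NOMAD_CLIENT_CERT" \
#                           "$NOMAD_CLIENT_KEY" "$NOMAD_ADDR"

# Prints "ok" or the first problem found; returns non-zero on a problem.
check_nomad_tls() {
  local ca="$1" cert="$2" key="$3" addr="$4" cert_pub key_pub
  case "$addr" in https://*) ;; *) echo "addr-not-https"; return 1 ;; esac
  # The client certificate must chain to this cluster's dedicated root CA.
  openssl verify -CAfile "$ca" "$cert" >/dev/null 2>&1 \
    || { echo "cert-not-signed-by-ca"; return 1; }
  # The private key must belong to the certificate: compare public keys.
  cert_pub=$(openssl x509 -in "$cert" -noout -pubkey 2>/dev/null) || cert_pub=""
  key_pub=$(openssl pkey -in "$key" -pubout 2>/dev/null) || key_pub=""
  [ -n "$cert_pub" ] && [ "$cert_pub" = "$key_pub" ] \
    || { echo "key-does-not-match-cert"; return 1; }
  echo "ok"
}

# make_ca DIR NAME: constructed self-signed root CA (hypothetical helper).
make_ca() {
  openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=$2" \
    -keyout "$1/$2.key" -out "$1/$2.crt" >/dev/null 2>&1
}

# make_client DIR CA NAME: constructed client cert signed by CA (hypothetical helper).
make_client() {
  openssl req -newkey rsa:2048 -nodes -subj "/CN=$3" \
    -keyout "$1/$3.key" -out "$1/$3.csr" >/dev/null 2>&1
  openssl x509 -req -in "$1/$3.csr" -CA "$1/$2.crt" -CAkey "$1/$2.key" \
    -CAcreateserial -days 1 -out "$1/$3.crt" >/dev/null 2>&1
}

# Two clusters, each with its own root CA, as the PR description specifies.
demo() {
  local d addr="https://192.0.2.10:4646"   # constructed documentation address
  d=$(mktemp -d)
  make_ca "$d" cluster_a && make_ca "$d" cluster_b
  make_client "$d" cluster_a api_a && make_client "$d" cluster_b api_b
  check_nomad_tls "$d/cluster_a.crt" "$d/api_a.crt" "$d/api_a.key" "$addr" || true
  check_nomad_tls "$d/cluster_a.crt" "$d/api_b.crt" "$d/api_b.key" "$addr" || true
  check_nomad_tls "$d/cluster_a.crt" "$d/api_a.crt" "$d/api_b.key" "$addr" || true
  check_nomad_tls "$d/cluster_a.crt" "$d/api_a.crt" "$d/api_a.key" \
    "http://192.0.2.10:4646" || true
  rm -rf "$d"
}

demo
```

A certificate issued under another cluster's CA is rejected even though it is otherwise well formed, which is the isolation a per-cluster root CA is meant to give.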

tgross (Member) commented Nov 5, 2019

Following a discussion I had with @notnoop, I'm going to assign this PR to myself to carry as part of work I'm doing on nightly e2e testing.

@tgross tgross self-assigned this Nov 5, 2019
@tgross tgross added the theme/testing and theme/security labels Feb 4, 2020
@tgross tgross removed their assignment May 26, 2020
notnoop (Contributor Author) commented Jul 24, 2020

This is a bit stale - closing - will reopen when we work on e2e again.

@notnoop notnoop closed this Jul 24, 2020
github-actions commented

I'm going to lock this pull request because it has been closed for 120 days ⏳. This helps our maintainers find and focus on the active contributions.
If you have found a problem that seems related to this change, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Dec 28, 2022