zeagord
Reputation: 2365
Securing spring cloud config credentials using vault
I’m using spring-cloud-config-server with Git as a backend. I want to secure the git credentials of my private repository (username and password) to be served from the vault server.
I'm thinking to extend the GitCredentialsProviderFactory and create the credentials bean using createFor() with values from the vault. Is this a right approach or there are other recommended ways?
Upvotes: 3
Views: 570
Answers (1)
zeagord
Reputation: 2365
Instead of using the GitCredentialsProviderFactory which I had thought of using. I used MultipleJGitEnvironmentProperties to create the GitPropert bean. And then supplied the credentials via the config values fetched from the vault.
@Bean MultipleJGitEnvironmentProperties createGitProps(){
MultipleJGitEnvironmentProperties
properties = new MultipleJGitEnvironmentProperties();
properties.setUsername(username);
properties.setUri(uri);
properties.setSearchPaths(searchPath);
properties.setPassword(password);
properties.setCloneOnStart(true);
return properties;
}
Upvotes: 2
Related Questions
- How to store secrets of a Spring Boot application in HashiCorp Vault securely?
- Configuring Spring Cloud Vault Config to pull from a location other than /secret
- UserPass Authentication Vault
- Using Microservice AppRole to Spring Cloud Config Server and Vault integration
- Spring Config Server : get secrets from vault with specific path
- Access vault secret using spring-cloud-vault and use it in application.properties
- How to use non-root vault token for vault login in spring boot
- How to retrieve db credentials using Spring Cloud Vault
- Spring Cloud Config with Git/Vault backend - token passthrough
- Use multiple ClientAuthentiation with spring-vault