Reputation: 311
Replace Env Variables Placeholder in spring config server native mode with vault secret
I am currently working in a scenario where I need to use spring cloud config server for centralised config management.
Previously we were using the "native" mode to store the configurations in the local filesystem. And the sensitive information like database passwords were stored in the environment variables of the client services.
But, now we want to also use "Hashicorp Vault" to store the database passwords as "secrets", and simply replace the env variable placeholders in the native files with the secret fetched from vault during the startup.
Current Setup (only "native" mode)
--resources
--config
--serviceA-dev.properties
Sample content of serviceA-dev.properties
spring.datasource.connectionProperties=jdbc:postgresql://${PG_HOST}:${PG_PORT}/${DB_NAME};username=${DB_USERNAME};password=${DB_PASSWORD}
Expected Setup (both "native" & "vault" mode)
--resources
--config
--serviceA-dev.properties
Sample Content of serviceA-dev.properties
spring.datasource.connectionProperties=jdbc:postgresql://${PG_HOST}:${PG_PORT}/${DB_NAME};username=${DB_USERNAME};password=${DB_PASSWORD}
But here instead of storing the values of ${DB_PASSWORD} in env variables, we want to connect to vault during the startup, and then replace this with the actual value fetched from the vault
So, can this be achieved?
Upvotes: 4
Views: 212
Answers (0)
Related Questions
- Java spring vault not reading secret from hashicorp vault?
- Spring boot cannot read Vault secret: IllegalArgumentException Could not resolve placeholder
- Spring Cloud Vault error: nested exception is javax.net.ssl.SSLHandshakeException: extension (5) should not be presented in certificate_request
- spring Vault location [secret/my-application] not resolvable: Not found
- Token authentication not working when Hashicorp vault is sealed
- Properties are not read from Vault on Integrating Vault with Spring Cloud Config Server
- Fallback to local config if Spring Vault config is disabled