Springboot Docker Secret Starter

'A Spring Boot launcher that allows you to read the contents of Docker containers secrets into your Spring Boot application'

License

License

Categories

Categories

Spring Boot Container Microservices Docker Virtualization Tools
GroupId

GroupId

com.github.rozidan
ArtifactId

ArtifactId

docker-secret-spring-boot-starter
Last Version

Last Version

1.0.1
Release Date

Release Date

Type

Type

pom.sha512
Description

Description

Springboot Docker Secret Starter
'A Spring Boot launcher that allows you to read the contents of Docker containers secrets into your Spring Boot application'
Project URL

Project URL

https://github.com/rozidan/docker-secret-spring-boot-starter.git
Project Organization

Project Organization

Idan Rozenfeld
Source Code Management

Source Code Management

https://github.com/rozidan/docker-secret-spring-boot-starter.git

Download docker-secret-spring-boot-starter

Dependencies

There are no dependencies for this project. It is a standalone project that does not depend on any other jars.

Project Modules

There are no modules declared in this project.

Spring Boot Docker Secret Starter

A Spring Boot launcher that allows you to read the contents of Docker containers secrets into your Spring Boot application.

Build Status Coverage Status

Maven Central Sonatype Nexus (Snapshots)

License

Features

Register the docker-secret starter to your Spring Boot application and reads docker container secrets content to spring properties before it is starting up

Setup

In order to add docker-secret to your project simply add this dependency to your classpath:

<dependency>
    <groupId>com.github.rozidan</groupId>
    <artifactId>docker-secret-spring-boot-starter</artifactId>
    <version>1.0.0</version>
</dependency>
compile 'com.github.rozidan:docker-secret-spring-boot-starter:1.0.0'

For snapshots versions add the sonatype public repository:

repositories {
    mavenCentral()
    maven { url "https://oss.sonatype.org/content/groups/public" }
    ...
}

How does it work?

According to the file names, the docker-secrets starter reads the secrets before the application starts up and adds/overrides spring properties with their content. For example, if there is a secret called "spring.my.prop", the property "my.prop" will be added or overrode, and its content will be the secret file content

Which secrets are going to be Spring property?

There are two different prefixes for secrets that will convert to Spring properties:

  • "spring.*" - the property content will be exactly as secret content.
  • "spring64.*" - the property content will be base64 decoded.

From which folder will include the extraction of the secrets?

The property/env called "secrets.path" allocates folder path.

Example for classpath folder:

secrets.path=classpath:/secretstests/*

Example for system folder:

secrets.path=file:/run/secrets/*

NOTE: The default path for Docker secrets is "/run/secrets/*",
            and it is the default path in case 'secrets.path' is not defined

The property source

A new property source (PropertiesPropertySource) will be created with a name as follows:

"Container secrets converted to properties via location '[the path of the secrets]' with '[full class name of the EnvironmentPostProcessor]'"

and this is how it will showed with the actuator endpoints.

Docker container configuration

Example for a secret config within Docker compose:

secrets:
   - source: database-pass
     target: spring.my.database.pass

License

Apache-2.0

Versions

Version
1.0.1