karaf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jean-Baptiste Onofré (Jira) <j...@apache.org>
Subject [jira] [Updated] (KARAF-6733) Inject values from files in config files
Date Thu, 08 Oct 2020 13:20:00 GMT

     [ https://issues.apache.org/jira/browse/KARAF-6733?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Jean-Baptiste Onofré updated KARAF-6733:
----------------------------------------
    Fix Version/s:     (was: 4.3.1)
                       (was: 4.2.11)

>  Inject values from files in config files
> -----------------------------------------
>
>                 Key: KARAF-6733
>                 URL: https://issues.apache.org/jira/browse/KARAF-6733
>             Project: Karaf
>          Issue Type: Improvement
>          Components: karaf
>    Affects Versions: 4.2.8
>            Reporter: Alex Soto
>            Assignee: Jean-Baptiste Onofré
>            Priority: Minor
>
> Currently, I can have the following in a configuration file:
>   
>       org.ops4j.pax.web.ssl.password={color:#2a00ff}${env:MYPASSWORD}{color}
>   
>  And,  as the documentation states:
> {quote}Environment variables can be referenced inside configuration files using the syntax
{{$\{env:<name>}}} (e.g. {{property=$\{env:FOO}}} will set "property" to the value of
the enviroment variable "FOO"). 
> {quote}
>  
>  Karaf will use the value from the environment variable. It's all good, but... 
>   
>  When used with Docker secrets, this forces you to copy the secret from the default location
"/run/secrets/" to an environment variable. 
>   
>  This is a proposal to add a Karaf mechanism to inject values from files in config files.
For example: 
>   
>      org.ops4j.pax.web.ssl.password={color:#2a00ff}${[file:/run/secrets/mypassword|file:///run/secrets/mypassword]}{color}
>   
>  So, when Karaf’s see the prefix _$[file:_|file:///_]  it will get the content of
the file and use it as the value of the configuration key.
>   
>  This way:
>   
>    1) I don’t have to write a complex script to copy the secret into the environment
variable, and
>    2) the secret is only in one place.
>   
>   
>  (prefix "file" is just for illustration, it can be something else)
>   
> See discussion here:  [http://karaf.922171.n3.nabble.com/Using-Docker-Secrets-in-Karaf-Configuration-td4058215.html]
>   



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

Mime
View raw message