A Spring Boot launcher that allows you to read the contents of Docker containers secrets into your Spring Boot application.
Register the docker-secret starter to your Spring Boot application and reads docker container secrets content to spring properties before it is starting up
In order to add docker-secret to your project simply add this dependency to your classpath:
<dependency>
<groupId>com.github.rozidan</groupId>
<artifactId>docker-secret-spring-boot-starter</artifactId>
<version>1.0.0</version>
</dependency>
compile 'com.github.rozidan:docker-secret-spring-boot-starter:1.0.0'
For snapshots versions add the sonatype public repository:
repositories {
mavenCentral()
maven { url "https://oss.sonatype.org/content/groups/public" }
...
}
According to the file names, the docker-secrets starter reads the secrets before the application starts up and adds/overrides spring properties with their content. For example, if there is a secret called "spring.my.prop", the property "my.prop" will be added or overrode, and its content will be the secret file content
There are two different prefixes for secrets that will convert to Spring properties:
- "spring.*" - the property content will be exactly as secret content.
- "spring64.*" - the property content will be base64 decoded.
The property/env called "secrets.path" allocates folder path.
Example for classpath folder:
secrets.path=classpath:/secretstests/*
Example for system folder:
secrets.path=file:/run/secrets/*
NOTE: The default path for Docker secrets is "/run/secrets/*",
and it is the default path in case 'secrets.path' is not defined
A new property source (PropertiesPropertySource) will be created with a name as follows:
"Container secrets converted to properties via location '[the path of the secrets]' with '[full class name of the EnvironmentPostProcessor]'"
and this is how it will showed with the actuator endpoints.
Example for a secret config within Docker compose:
secrets:
- source: database-pass
target: spring.my.database.pass